Skip to content

SecOps, SOAR, and the Mainframe

by Edward Shim

In the mainframe context, Security Operations is the uniting of two distinct teams: mainframe and security. In today’s cybersecurity landscape where every endpoint, including the mainframe, is a potential target, mainframe and security operations need to work together to be successful. Both teams bring the requisite expertise to work towards a shared goal: a more secure enterprise with visibility into one of its most critical assets – the mainframe.

We’ll discuss how to improve mainframe and security SecOps and best practices to help break down traditional informational silos. If your organization would benefit from learning more about any of the below, then this webinar is for you!


  • What is SecOps? Integration, shared accountability, greater visibility into vulnerabilities, and adoption of proactive security practices across both teams. 
  • What is the reality of SecOps today in the mainframe world? 
  • What makes communication so hard between different teams? 
  • What is the risk underlying this? 
  • Where can we focus to improve SecOps effectively? 
  • What are some real-world examples of how a disconnect between Security and Operations had an adverse impact on the mainframe organization? 


  • What can you leverage today that already exist in your environment to improve SecOps? 
  • What can effective tools and implementation help prevent? 
  • How can you improve processes and workflows? 
  • What are some real-world examples of the risk of ineffective processes and workflows? 
  • Why are security frameworks important? 
  • What are some best practices in mainframe security from a business investment perspective? 

End State 

  • What does right look like from a high level? 
  • What about architecturally? 
  • What’s an example use case where a mature SecOps structure detects and responds to malicious activity? 
  • Key Takeaways 

In addition, we’ll discuss what Security Orchestration, Automation, and Response (SOAR) is, why it can be effective with the right implementation, and how SOAR capabilities can help secure your mainframe more effectively and efficiently.

We look forward to seeing you there! 

Edward Shim is Senior Product Owner, BMC AMI Security at BMC Software and is delivering a Lunch and Learn session at the GSE UK Virtual Conference 2021

Back To Top